If this is a random spammer on a random IP from a Chinese ISP, blocking the address will block him until he gets a new IP. Once he gets a new IP there is no guarantee it's in the same range or not.

If you don't want any comments from China at all, we'll have a solution for that in v5 ;)

How far away are we from where it would be okay to run v5 on my main blog (which has two other domains pointed at it.).

My site seem to have gotten unreliable recently...thought the mysql backend wasn't keeping up like I needed it to....but then I noticed that I've been climbing rather quickly to 80,000+ hits per day.

So, I looked at stats....and its all direct browser hits...large clusters of an IP fetching 100+ pages in less than a minute, and then another IP doing the same thing, and so on....and different ones doing different sets of pages, but there's only a few sets among the IPs.

And, 99% of the IPs are from China.

At first I was blocking individual IPs....after a while, I started looking up and blocking the whole ISP....then I thought I could may do an sql query of my hitlog and generate a list of IPs to block...(did a distinct and count type query)...but then how do I figure out which ones are bad. And, which ones are....ok?

#5 on the list is an IP that belongs to google....has google become evil yet?

Ended up going back to figuring out the ip ranges to block....almost feels like I'm blocking all of China now....after a day, direct browser hits had dropped to ~3k, but it has started up again again as I didn't get all the China ISPs....though now I'm starting see some HK and JP ISPs too....

The Dreamer.